Class Zend_Service_Amazon_Ec2_Securitygroups

Description

An Amazon EC2 interface to create, delete, describe, grant and revoke security permissions.

  • copyright: Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  • license: New BSD License

Located in /Service/Amazon/Ec2/Securitygroups.php (line 37)

Zend_Service_Abstract
   |
   --Zend_Service_Amazon_Abstract
      |
      --Zend_Service_Amazon_Ec2_Abstract
         |
         --Zend_Service_Amazon_Ec2_Securitygroups
Method Summary
 boolean authorizeGroup (string $name, string $groupName, string $ownerId)
 boolean authorizeIp (string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp)
 boolean create (string $name, string $description)
 boolean delete (string $name)
 array describe ([string|array $name = null])
 boolean revokeGroup (string $name, string $groupName, string $ownerId)
 boolean revokeIp (string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp)
Variables
Methods
authorizeGroup (line 214)

Adds permissions to a security group

When authorizing a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

  • access: public
boolean authorizeGroup (string $name, string $groupName, string $ownerId)
  • string $name: Name of the group to modify.
  • string $groupName: Name of security group to authorize access to when operating on a user/group pair.
  • string $ownerId: Owner of security group to authorize access to when operating on a user/group pair.
authorizeIp (line 182)

Adds permissions to a security group

Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

  • access: public
boolean authorizeIp (string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp)
  • string $name: Name of the group to modify.
  • string $ipProtocol: IP protocol to authorize access to when operating on a CIDR IP.
  • integer $fromPort: Bottom of port range to authorize access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being authorized.
  • integer $toPort: Top of port range to authorize access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being authorized.
  • string $cidrIp: CIDR IP range to authorize access to when operating on a CIDR IP.
create (line 54)

Creates a new security group.

Every instance is launched in a security group. If no security group is specified during launch, the instances are launched in the default security group. Instances within the same security group have unrestricted network access to each other. Instances will reject network access attempts from other instances in a different security group. As the owner of instances you can grant or revoke specific permissions using the authorizeIp, authorizeGroup, revokeGroup and revokeIp operations.

  • access: public
boolean create (string $name, string $description)
  • string $name: Name of the new security group.
  • string $description: Description of the new security group.
delete (line 148)

Deletes a security group.

If you attempt to delete a security group that contains instances, a fault is returned. If you attempt to delete a security group that is referenced by another security group, a fault is returned. For example, if security group B has a rule that allows access from security group A, security group A cannot be deleted until the allow rule is removed.

  • access: public
boolean delete (string $name)
  • string $name: Name of the security group to delete.
describe (line 78)

Returns information about security groups that you own.

If you specify security group names, information about those security groups is returned. Otherwise, information for all security groups is returned. If you specify a group that does not exist, a fault is returned.

  • access: public
array describe ([string|array $name = null])
  • string|array $name: List of security groups to describe
revokeGroup (line 285)

Revokes permissions from a security group. The permissions used to revoke must be specified using the same values used to grant the permissions.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

When revoking a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.

  • access: public
boolean revokeGroup (string $name, string $groupName, string $ownerId)
  • string $name: Name of the group to modify.
  • string $groupName: Name of security group to revoke access to when operating on a user/group pair.
  • string $ownerId: Owner of security group to revoke access to when operating on a user/group pair.
revokeIp (line 253)

Revokes permissions from a security group. The permissions used to revoke must be specified using the same values used to grant the permissions.

Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

  • access: public
boolean revokeIp (string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp)
  • string $name: Name of the group to modify.
  • string $ipProtocol: IP protocol to revoke access to when operating on a CIDR IP.
  • integer $fromPort: Bottom of port range to revoke access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being revoked.
  • integer $toPort: Top of port range to revoked access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being revoked.
  • string $cidrIp: CIDR IP range to revoke access to when operating on a CIDR IP.
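
Added example (not part of the Zend Framework code or its documentation): replacing an overly broad CIDR rule with a narrower one through authorizeIp and revokeIp, checking the arguments first and revoking with the same values the rule was granted with. validateIngressRule(), narrowIngress() and RecordingGroups are hypothetical names, the refusal of /0 sources is a policy chosen for this example, and the group name and CIDR ranges are constructed sample values.

```php
<?php
// Added example, not Zend Framework code. Only authorizeIp() and revokeIp()
// (signatures as documented above) belong to the class; the rest is hypothetical.
function validateIngressRule($ipProtocol, $fromPort, $toPort, $cidrIp)
{
    $proto = strtolower($ipProtocol);
    if (!in_array($proto, array('tcp', 'udp', 'icmp'), true)) {
        throw new InvalidArgumentException("Unsupported protocol: $ipProtocol");
    }
    if ($proto === 'icmp') {
        // For ICMP, $fromPort carries the type and $toPort the code; -1 is the wildcard.
        if ($fromPort < -1 || $fromPort > 255 || $toPort < -1 || $toPort > 255) {
            throw new InvalidArgumentException('ICMP type and code must be in -1..255');
        }
    } elseif ($fromPort < 0 || $toPort > 65535 || $fromPort > $toPort) {
        throw new InvalidArgumentException('Need 0 <= fromPort <= toPort <= 65535');
    }
    if (!preg_match('#^(\d{1,3}(?:\.\d{1,3}){3})/(\d{1,2})$#', $cidrIp, $m)
        || ip2long($m[1]) === false || (int) $m[2] > 32) {
        throw new InvalidArgumentException("Malformed CIDR range: $cidrIp");
    }
    if ((int) $m[2] === 0) {
        throw new InvalidArgumentException('Refusing a /0 source (any address)');
    }
}

function narrowIngress($sg, $group, $proto, $from, $to, $oldCidr, $newCidr)
{
    validateIngressRule($proto, $from, $to, $newCidr);
    // Grant the narrow rule first so legitimate access is never interrupted.
    if (!$sg->authorizeIp($group, $proto, $from, $to, $newCidr)) {
        return false;
    }
    // Revoke with exactly the values the broad rule was granted with.
    return $sg->revokeIp($group, $proto, $from, $to, $oldCidr);
}

// Constructed stand-in so the example runs offline; with the real class, pass a
// Zend_Service_Amazon_Ec2_Securitygroups instance instead.
class RecordingGroups
{
    public $calls = array();
    public function authorizeIp($n, $p, $f, $t, $c) { $this->calls[] = "authorize $n $p $f-$t $c"; return true; }
    public function revokeIp($n, $p, $f, $t, $c) { $this->calls[] = "revoke $n $p $f-$t $c"; return true; }
}

$sg = new RecordingGroups();
narrowIngress($sg, 'web-admin', 'tcp', 22, 22, '0.0.0.0/0', '203.0.113.0/24');
print_r($sg->calls); // the authorize call is recorded before the revoke call
```

Because permission changes can take a short time to reach every instance in the group, authorizing before revoking keeps the narrow rule in place while the broad one is being withdrawn.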

Inherited Methods

Inherited From Zend_Service_Amazon_Ec2_Abstract

 Zend_Service_Amazon_Ec2_Abstract::__construct()
 Zend_Service_Amazon_Ec2_Abstract::addRequiredParameters()
 Zend_Service_Amazon_Ec2_Abstract::sendRequest()
 Zend_Service_Amazon_Ec2_Abstract::setRegion()
 Zend_Service_Amazon_Ec2_Abstract::signParameters()
 Zend_Service_Amazon_Ec2_Abstract::_getRegion()

Inherited From Zend_Service_Amazon_Abstract

 Zend_Service_Amazon_Abstract::__construct()
 Zend_Service_Amazon_Abstract::setKeys()
 Zend_Service_Amazon_Abstract::_getAccessKey()
 Zend_Service_Amazon_Abstract::_getSecretKey()

Inherited From Zend_Service_Abstract

 Zend_Service_Abstract::getHttpClient()
 Zend_Service_Abstract::setHttpClient()

Documentation generated on Mon, 21 Jun 2010 15:43:36 -0400 by phpDocumentor 1.4.3